Top NZ virus revealed... What's killing your company?

What's the most prevalent malware family in New Zealand, and how can Kiwi businesses avoid it?

Failing to update Java software is the number one cause of privacy and security breaches online in New Zealand, according to international cyber security company F-Secure.

Across the wider A/NZ region, nearly half of all malware occur in old versions of Java or unpatched software; with a malware called Majava the most prevalent in both countries, resulting in around 400 infections per 10,000 people, new research reveals.

Identifying that one of the ten most prevalent malware families across A/NZ is called Sinowal, F-Secure such a virus targets the user names and passwords for online banking accounts.

F-Secure’s Chief Research Officer Mikko Hypponen says that now, more than ever, individuals and Kiwi businesses should be more cautious about securing sensitive information stored online, as malware threats have grown dramatically.

Internationally, F-Secure has seen a concerning rise in malware growth on the Android platform, from about 100 new families of mobile malware per quarter in 2013, to about 300 per quarter in 2014.

“Protecting your privacy online is critical, not only for individuals who are entitled to privacy as a human right, but also for businesses who store sensitive customer and employee information, as well as other commercially valuable data,” Hypponen says.

The global surge in cybercrime, the Australian government’s recent decision to review its current cyber-security strategy for the first time in six years, and the leaking of politically sensitive emails around the time of the New Zealand election, have all heightened concerns about the internet security environment in the Trans-Tasman region.

According to Hypponen, speaking ahead F-Secure's information sessions in Auckland this week, the first step to preventing cyber threats can be as simple as updating old software, a process that computer users often skip, whether because of lack of awareness or time.

“We hope these sessions will help individuals and businesses take back control of their right to privacy,” Hypponen adds.

“Without proper education about smart online habits, people and businesses face enormous risks, with the annual cost of cybercrime in Australia alone estimated at a staggering $1.65 billion.”

Meanwhile, in New Zealand, the government estimates the cost of cybercrime to be in the range of hundreds of millions of dollars.

F-Secure has outlined the top five measures everyone should be taking to prevent cybercrime and protect sensitive online information.

Page Break

1. Ensure Java and other software are up to date

The latest research from F-Secure found the top ranked infection to be due to outdated software with 48% of malware occurring in old versions of Java and unpatched software.

"The research found most users know to update their operating systems and browsers, however, are not updating plug-ins, such as Java and Adobe Flash plug-ins in browsers, putting privacy at serious risk," Hypponen explains.

2. Password protection

"Ensuring security passwords do not include information such as any family names, birthdays and addresses, as well as regularly updating passwords, is considered best practice for online privacy," Hypponen adds.

3. Be smart about USB ports and portable devices

F-Secure’s research showed USBs and removable drives as common vectors for spreading malware.

"However, simple precautionary measures such as not sharing portable devices between computers and running regular anti-virus software scans can help mitigate these risks," Hypponen says.

4. Download and update online security software

Hypponen believes that one of the most important ways to protect your privacy online is to ensure all mobile and PC devices are fitted with adequate and up-to-date security software.

Of the top malware infections in New Zealand, Majava topped the list in 2014, with 358 infections found per 10,000 people.

"The infection rates of these malware would be significantly reduced with appropriate anti-virus software," Hypponen advises.

5. Do not open suspicious emails or social media posts

F-Secure’s research found hackers are using new techniques when it comes to encouraging users to click on phishing links.

"As well as old techniques of sending malicious software via email through phishing links and attachments, hackers are now embedding malicious vectors through camouflaged links into users’ social media news feeds," Hypponen adds.